[Samba] Can copy to test share, but not read, move or delete

Dan Roberts dan at jlazyh.com
Sun Apr 29 22:07:22 GMT 2007 

I have a new SentOS 5 system and have been having problems with Samba.  
I had been able to access my test share but not my home share.  
Attempting to re-set thigns as describe by the "webmin configure samba" 
info resluted in being able to see everything but the home shares.  I 
don't know if I could have copied or written to these other directories 
- didn't try.  Continued tinkering and I found I could copy files to my 
test share but then do nothing more with them - not delete, copy or even 
open from a remote system...  So a clean install seemed like a good idea.

I uninstalled and reinstalled via RMP the entire samba package, but I 
have the same issues.
In short -
    1 - I can copy files into the test shares, but then do nothing more 
with them.
    2 - I can't access my home directory at all.
    3 - I also find that in the testing processes, 'nmblookup -B _ 
_SAMBA_ _' returns unexpected results, but I can see file and smbd and 
nmbd seem to be running.

It seems like I have some issue with my system security, but I don't 
know what or where to resolve that.  I do have several different Samba 
users and they were built from my current unix users - the passwords 
look correct too.

Below I have tried to provide enough info about what the system has 
going on that someone with far greater awareness of Samba and Unix then 
I might spot where my problem lies. Truly hope so, for I could use all 
the help I can get right now.

Ok - first things first I have a very simple smb.conf file
[global]
        log file = /var/log/samba/%m.log
        server string = Trailrunner, Samba %v on (%L)
        remote announce = 10.20.30.255
        workgroup = DJ14847
        encrypt passwords = Yes
        security = user
        max log size = 50
        allow hosts = 10.20.30. 127.0.0.1
        log level = 3
        browsable = yes
        local master = yes

[homes]
        guest ok = no
        browsable = no

[temp]
        comment = temp test directory
        writeable = yes
        browsable = yes
        public = yes
        path = /sambatest

[test]
        comment = for testing purposes only
        path = /export/test
        writeable = yes
        read only = no
        public = yes

When I start up the server I get no error messages that are obvious.
The log files for smbd and nmbd are as follows:
[root at trailrunner samba]# tail /var/log/samba/smbd.log
[2007/04/29 15:52:38, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-22-2-99]
[2007/04/29 15:52:38, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-2]
[2007/04/29 15:52:38, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-32-546]
[2007/04/29 15:52:38, 3] printing/printing.c:start_background_queue(1386)
  start_background_queue: Starting background LPQ thread
[2007/04/29 15:52:38, 2] smbd/server.c:open_sockets_smbd(384)

[root at trailrunner samba]# tail /var/log/samba/nmbd.log
[2007/04/29 15:48:56, 3] 
nmbd/nmbd_incomingrequests.c:process_name_query_request(454)
  process_name_query_request: Name query from 10.20.30.52 on subnet 
10.20.30.45 for name DJ14847<1d>
[2007/04/29 15:49:23, 3] 
nmbd/nmbd_incomingrequests.c:process_name_query_request(454)
  process_name_query_request: Name query from 10.20.30.52 on subnet 
10.20.30.45 for name DJ14847<1d>
[2007/04/29 15:49:33, 3] 
nmbd/nmbd_incomingrequests.c:process_name_query_request(454)
  process_name_query_request: Name query from 10.20.30.52 on subnet 
10.20.30.45 for name DJ14847<1d>
[2007/04/29 15:51:43, 3] 
nmbd/nmbd_sendannounce.c:send_host_announcement(208)
  send_host_announcement: type 819a03 for host TRAILRUNNER on subnet 
10.20.30.45 for workgroup DJ14847

nmblookup -B returns rather odd results - and I am not sure how to 
resolve this issue.
[root at trailrunner samba]# nmblookup -B trailrunner _ _SAMBA_ _
added interface ip=10.20.30.45 bcast=10.20.30.255 nmask=255.255.255.0
Socket opened.
querying _ on 216.150.192.190
name_query failed to find name _
querying _SAMBA_ on 216.150.192.190
name_query failed to find name _SAMBA_
querying _ on 216.150.192.190
name_query failed to find name _
[root at trailrunner samba]# nmblookup -B 10.20.30.45 _ _SAMBA_ _
added interface ip=10.20.30.45 bcast=10.20.30.255 nmask=255.255.255.0
Socket opened.
querying _ on 10.20.30.45
name_query failed to find name _
querying _SAMBA_ on 10.20.30.45
name_query failed to find name _SAMBA_
querying _ on 10.20.30.45
name_query failed to find name _
[root at trailrunner samba]#

Despite the above issue with nmblookup, if I type in smbclient -L 
10.20.30.45 -N I get
[root at trailrunner samba]# smbclient -L 10.20.30.45 -N
Anonymous login successful
Domain=[DJ14847] OS=[Unix] Server=[Samba 3.0.23c-2.el5.2]

        Sharename       Type      Comment
        ---------       ----      -------
        temp            Disk      temp test directory
        test            Disk      for testing purposes only
        IPC$            IPC       IPC Service (Trailrunner, Samba 
3.0.23c-2.el5.2 on (trailrunner))
Anonymous login successful
Domain=[DJ14847] OS=[Unix] Server=[Samba 3.0.23c-2.el5.2]

        Server               Comment
        ---------            -------
        TRAILRUNNER          Trailrunner, Samba 3.0.23c-2.el5.2 on 
(trailrunn

        Workgroup            Master
        ---------            -------
        DJ14847             

But if I try with 'trailrunner' in place of 10.20.30.45 it times out.

I can see the shares though - but I have no luck at all attempting to 
connect to my home directory - my test directories are also not working 
quite right.  The permissions for each are as follows (yes I set rights 
to 777 for testing purposes)
    for [temp] path  = /sambatest
    drwxrwxrwx   2 root root  4096 Apr 29 15:40 sambatest
    for [test] path = /export/test
    drwxrwxrwx  2 root root 4096 Apr 29 15:15 test

I can copy files into [test] or into [temp] but I can't copy anything 
from either share back to my Win2000 workstation or my Apple MacBook.  I 
also can't delete anything or open anything, or copy (drag and drop) 
between the shares.

Say I try and copy a file "wdw rates.pdf" between them - then I get the 
following:
[2007/04/29 15:44:41, 3] smbd/trans2.c:call_trans2qfilepathinfo(2908)
  call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004
[2007/04/29 15:44:41, 3] smbd/msdfs.c:dfs_redirect(435)
  dfs_redirect: Not redirecting Trailrunner/test/Trailrunner/test/WDW 
rates.pdf.
[2007/04/29 15:44:41, 3] smbd/msdfs.c:dfs_redirect(439)
  dfs_redirect: Path converted to non-dfs path Trailrunner/test/WDW 
rates.pdf
[2007/04/29 15:44:41, 3] smbd/error.c:error_packet(146)
  error packet at smbd/trans2.c(2919) cmd=50 (SMBtrans2) 
NT_STATUS_OBJECT_PATH_NOT_FOUND
[2007/04/29 15:44:41, 3] smbd/process.c:process_smb(1110)
  Transaction 267 of length 152
[2007/04/29 15:44:41, 3] smbd/process.c:switch_message(914)
  switch message SMBntcreateX (pid 6008) conn 0x9755c80
[2007/04/29 15:44:41, 3] smbd/msdfs.c:dfs_redirect(435)
  dfs_redirect: Not redirecting Trailrunner/test/WDW rates.pdf.
[2007/04/29 15:44:41, 3] smbd/msdfs.c:dfs_redirect(439)
  dfs_redirect: Path converted to non-dfs path WDW rates.pdf
[2007/04/29 15:44:41, 3] smbd/dosmode.c:unix_mode(147)
  unix_mode(WDW rates.pdf) returning 0744
[2007/04/29 15:44:41, 3] smbd/open.c:open_file(278)
  Error opening file WDW rates.pdf (Permission denied) (local_flags=0) 
(flags=0)
[2007/04/29 15:44:41, 3] smbd/error.c:unix_error_packet(90)
  unix_error_packet: error string = Permission denied
[2007/04/29 15:44:41, 3] smbd/error.c:error_packet(146)
  error packet at smbd/trans2.c(2682) cmd=162 (SMBntcreateX) 
NT_STATUS_ACCESS_DENIED

If I attempt to connect to my home directory, the log shows the following:
[2007/04/29 15:29:10, 3] smbd/service.c:make_connection_snum(752)
  Connect path is '/home/dan' for service [dan]
[2007/04/29 15:29:10, 3] lib/util_seaccess.c:se_access_check(250)
[2007/04/29 15:29:10, 3] lib/util_seaccess.c:se_access_check(251)
  se_access_check: user sid is 
S-1-5-21-2148115504-1604552216-1780682046-2000
  se_access_check: also S-1-22-2-500
  se_access_check: also S-1-1-0
  se_access_check: also S-1-5-2
  se_access_check: also S-1-5-11
  se_access_check: also S-1-22-2-10
[2007/04/29 15:29:10, 3] smbd/vfs.c:vfs_init_default(219)
  Initialising default vfs hooks
[2007/04/29 15:29:10, 3] lib/util_seaccess.c:se_access_check(250)
[2007/04/29 15:29:10, 3] lib/util_seaccess.c:se_access_check(251)
  se_access_check: user sid is 
S-1-5-21-2148115504-1604552216-1780682046-2000
  se_access_check: also S-1-22-2-500
  se_access_check: also S-1-1-0
  se_access_check: also S-1-5-2
  se_access_check: also S-1-5-11
  se_access_check: also S-1-22-2-10
[2007/04/29 15:29:10, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (500, 500) - sec_ctx_stack_ndx = 0
[2007/04/29 15:29:10, 0] smbd/service.c:make_connection_snum(911)
  '/home/dan' does not exist or permission denied when connecting to 
[dan] Error was Permission denied

If the above info isn't complete, or if it indicates something that you 
would also like to see, please let me know.  Again, I truly appreciate 
the help.

Cheers-
dan

More information about the samba mailing list